Security Monitoring

Eighteen companies, led by Amazon and Splunk, announced the OCSF framework to provide a standard way for sharing threat detection telemetry among different monitoring tools and applications.

A rising tide of threats — from API exploits to deepfakes to extortionary ransomware attacks — is threatening to overwhelm IT security teams.

Only about half of firms have an open source software security policy in place to guide developers in the use of components and frameworks, but those that do exhibit better security.

As Mandiant CEO Kevin Mandia's company prepares to become part of Google, the incident response company continues to investigate many of the most critical cyber incidents.

Microsoft's stand-alone version of Defender for SMBs promises to help SecOps teams automate detection, response, and recovery.

This scale of this month's encrypted DDoS attack over HTTPS suggests a well-resourced operation, analysts say.

As the use of AI- and ML-driven decision-making draws transparency concerns, the need increases for explainability, especially when machine learning models appear in high-risk environments.

Acquisition will add Internet-facing attack surface mapping and monitoring to Tenable's internal asset management products.

With Web application programming interface (API) traffic growing quickly, the average cloud-focused company sees three times more attacks.

Unprecedented numbers of DDoS attacks since February are the result of hacktivists' cyberwar against Russian state interests, researchers say.

Acquisition of cloud-based alert security company will help Sophos automate tasks bogging down security teams, the company says.

Acquisition will blend autonomous threat hunting with cloud-native security analytics for automating security tasks.

Companies must enforce more security on their own third-party providers and retain the ability to conduct independent investigations, experts say.

Google and other firms are adding security configuration to software so cloud applications and services have well-defined security settings — a key component of DevSecOps.

Omdia Senior Analyst Hollie Hennessy says the new threat to multiple ICS and SCADA devices underscores the importance of a rapid response to IoT and OT security risks.